Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://hr.beiyel.co...

windows10-1703-x64

1

Analysis

  • max time kernel
    389s
  • max time network
    435s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags

    arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
  • submitted
    15-05-2023 19:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://hr.beiyel.com/?tzhv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 47 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://hr.beiyel.com/?tzhv
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3188
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3188 CREDAT:82945 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3548

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    c8acc7ebd0274710ad136e9ebbf77b30

    SHA1

    d99222d014b6694013aca886e37094c480120566

    SHA256

    5faffea9fd8c3fd5cccb9acb4fc3dcda1b50e9f69e382acb3e07c893918a53d5

    SHA512

    8f030769ed0daa410468084783ec029e4a26697b8c684c18d270c459b84ca9b2359511540e37db2b35561893d72c314d273af066b623cbb3b49e7cd28ce2ecee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8408FE5CA4467EE4DA84A76EF238FE3
    Filesize

    1KB

    MD5

    e829e65d7c4307d6fbc13c179e037a36

    SHA1

    a053375bfe84e8b748782c7cee15827a6af5a405

    SHA256

    67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd

    SHA512

    96c5793b2b57d8df5891c94015720960e0da4c2cf8ce1fc5707a0b46e5db8ce3761fb5fdb430f619d1579f13e80fbdd973ef6a024129ed039aa193273158fcad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    434B

    MD5

    d01e2c1092cefd198b0a58947b13843f

    SHA1

    f39a466f771d6f53eddb0f42e51ddf4439fe58e1

    SHA256

    4566755c2e6602f50b3b5e0fbd15e683b213112e4a930582bec5882b09d6d5e1

    SHA512

    8b18f6a05bdc329aebd1f140c254663eff6f899f16cee27ffbe47b0d81d60a24dc8f034105b322961925674d11df09d9a0e9201277c90fdcbb250a412043f2ce

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6FGHNCOX\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCookies\OCQY1Q8D.cookie
    Filesize

    607B

    MD5

    5b11e9e519d0eb16278a71190a9b4e4d

    SHA1

    3678129dbe3c2c3cb79d2f2a3a4252f9ab904e01

    SHA256

    2d2b0199e6d281810e726ae85a7fc392f6abe82c0674f0f4387cf554e4a983ae

    SHA512

    04b15269f7fd5318dd92d179312ded6f56b97d37572a59dac235f7240b54e3af5f71bca746c332342939d454578207abdcf2799bd76472c73d35c755812bce8e

    Download Submit